VYPR

QRadar SOAR Plugin App

by IBM

CVEs (4)

  • CVE-2023-38019HigFeb 2, 2024
    risk 0.53cvss 8.1epss 0.01

    IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 260575.

  • CVE-2023-38263MedFeb 2, 2024
    risk 0.42cvss 6.5epss 0.00

    IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 260577.

  • CVE-2023-38020MedFeb 2, 2024
    risk 0.28cvss 4.3epss 0.00

    IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576.

  • CVE-2025-36114Aug 20, 2025
    risk 0.00cvss epss 0.00

    IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.